Security Basics mailing list archives
Re: Squid Logs - HELP
From: Michael Rice <michael () riceclan org>
Date: Mon, 26 Jul 2004 15:10:16 -0500
I can't tell you much about the default install of squid on rh8, but I may be able to help you find your logs. locate squid.conf # this will tell you one or more filenames -- pick the one # that is most likely to actually control your squid logs # and use that below, mine is /etc/squid/squid.conf grep cache_access_log /etc/squid/squid.conf # TAG: cache_access_log # cache_access_log /var/log/squid/access.log # because it is commented out it is likely the default value. # looking at that directory on my filesystem I can see my # access.log is actually present. egrep squid /etc/logrotate.d/* # this gives me several lines of output, but the important # thing is the name of the file that my squid logs are configured # in: /etc/logrotate.d/squid cat /etc/logrotate.d/squid /var/log/squid/access.log { weekly rotate 5 copytruncate compress notifempty missingok } [...] # reading this, my access log is rotated, compressed, and truncated # every week, and I keep at most 5 rotated logs (6 weeks of logs is # all that I have). To verify, find the log with the highest revision number (which should be your oldest log). zcat access.log.5.gz | head -1 Look at the timestamp on that log entry. If the entries you want are before that date, they've already rolled off. Hope that helps. Good luck. On Fri, 2004-07-23 at 12:59, George Lantz wrote:
I hope someone can help me. I am using the default installation of squid on an old Red Hat 8.0 box. I have to find really old log files from about 2-3 years ago. It is VERY important that I find these. Unfortunately for me, they are on log rotation and I think they may have been overwritten. Is there any to find really old log entries? I hope there is some way to find these. I know I am SOL. But if any list can think of something it is this one. Any help or suggestions would be greatly, greatly appreciated. Also, I did uncompress these logs and viewed them in a text editor. Maybe there is a way to find the files that way? Thanks, guys (and gals) -George- --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
-- Michael Rice <michael () riceclan org> --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Squid Logs - HELP George Lantz (Jul 26)
- Re: Squid Logs - HELP Michael Rice (Jul 27)
- Re: Squid Logs - HELP Florian Streck (Jul 27)